Twitch Blames Embarrassingly Massive Data Leak On A Server Configuration Error

This week has seen its share of headlines concerning data breaches and leaks. Late last night Twitch reported on its blog page that its data breach was "due to an error in a Twitch server configuration change that was subsequently accessed by a malicious third party.”" They went on to say that they are working with urgency to investigate the incident. It is interesting to note that Facebook also blamed its recent outage this week on server configuration changes.

Many Twitch users woke up Wednesday, Oct. 6th, to reports that Twitch had been hacked and 125GB of data had been leaked. Twitch later confirmed those reports on its Twitter feed saying in part, "We can confirm a breach has taken place. Our teams are working with urgency to understand the extent of this."

Part of what was leaked included an unannounced “Vapor” digital storefront from Amazon Game Studios, and payout details for some of the biggest content creators on the site from 2019. Also, the hacker said that this was just part one of what they planned to release.

Today Twitch added to its blog page that "Out of an abundance of caution, we have reset all stream keys." This left some streamers last night wondering why they were unable to get their stream up and running on the site who had not yet received the memo. It is still not a bad idea to go ahead and reset your stream key again even if you don’t stream on the site.


It is worth noting that Twitch has indicated that full credit card numbers are not stored by them, so none were exposed. However, it is still a very good idea to reset your password and set up two-factor authentication if you have not already.

We may never know the true reason the hacker had for leaking the information, but this week has surely taught us that our own internet security is always at risk and to take every step to safeguard it.